基于区块链的物联网身份认证技术探讨

程迪; 郑崇辉; 毛锐; 王妍; 康迪; 李嘉成; 黄伟庆

引用本文：

程迪,郑崇辉,毛锐,王妍,康迪,李嘉成,黄伟庆.基于区块链的物联网身份认证技术探讨[J].信息安全学报,已采用 [点击复制]
Cheng Di,Zheng Chonghui,Mao Rui,Wang Yan,Kang Di,Li Jiacheng,Huang Weiqing.Discussion on Identity Authentication in Internet of Things based on Blockchain[J].Journal of Cyber Security,Accept [点击复制]

本文已被：浏览 1188次下载 3次
基于区块链的物联网身份认证技术探讨
程迪¹, 郑崇辉², 毛锐¹, 王妍¹, 康迪³, 李嘉成¹, 黄伟庆¹
0 字体:加大+\|默认\|缩小-
(1.中国科学院信息工程研究所;2.中国科学院大学杭州高等研究院;3.国家保密科技测评中心)

摘要:

随着物联网规模不断扩大，传统身份认证技术面临的安全问题日益凸显，如身份信息难以统一管理、用户隐私易被恶意泄露以及遭受大量新型攻击威胁等。为解决以上问题，大量研究人员在物联网身份认证中引入了新兴的去中心化区块链技术，设计出分布式认证架构替代集中认证架构，实现了高可扩展、安全可靠的认证。针对物联网在智能家居、汽车、医疗、移动通信等各大行业面临的身份认证安全挑战，本文对现有基于区块链的物联网身份认证解决方案进行了综述。首先，本文从身份信息管理和隐私保护两个角度，分析了传统物联网身份认证技术面临的主要问题和安全需求。其次，根据区块链在物联网认证系统中工作方式的差异，从身份信息的存储媒介和认证数据的共识算法两方面，对基于区块链的物联网身份认证方案进行分类归纳，具体细分为：部署底层设备、单层集群头、多层集群头作为区块链矿工的三个类别，和以工作量证明、权益证明、拜占庭容错、其他算法作为区块链共识协议的四个类别，并对它们的优缺点进行综合比较分析。随后，阐述这些分布式认证方案实现的安全性及性能，总结出区块链在物联网身份认证系统中表现的5点优势，包括消除单点故障、保证数据完整性、抵御恶意攻击、加密数据隐私、提高认证效率。最后，对基于区块链的物联网身份认证技术在认证效率、可扩展性、共识优化和隐私保护4个方面尚存的不足进行了讨论，并提出了区块链存储成本的控制、高效共识的设计、人工智能的辅助、以及现实环境下的方案评估等4个有待研究的方向。

关键词: 物联网身份认证区块链分布式存储共识算法隐私保护

DOI：10.19363/J.cnki.cn10-1380/tn.2025.04.19

投稿时间：2023-11-16修订日期：2024-03-15

基金项目:国家重点研发计划

Discussion on Identity Authentication in Internet of Things based on Blockchain

Cheng Di¹, Zheng Chonghui², Mao Rui¹, Wang Yan¹, Kang Di³, Li Jiacheng¹, Huang Weiqing¹

(1.Institute of Information Engineering，Chinese Academy of Sciences;2.Hangzhou Institute for Advanced Study, University of Chinese Academy of Sciences;3.National Secrecy Science and Technology Evaluation Center)

Abstract:

With the continuous expansion of the Internet of Things (IoT), the security issues faced by traditional identity authentication technologies are becoming increasingly prominent. These issues encompass challenges in unified management of identity information, malicious disclosure of user privacy, and the emergence of numerous novel attack threats. To address these challenges, a significant number of researchers have introduced emerging decentralized blockchain technologies into IoT identity authentication. As a result, they have designed distributed authentication architectures as substitutes for centralized ones, achieving authentication that is highly scalable, secure, and reliable. In response to the identity authen-tication security challenges encountered by the IoT in major industries such as smart homes, automotive, healthcare, and mobile communications, this paper presents a comprehensive review of existing blockchain-based identity authentication solutions for the IoT. Firstly, this study examines the key issues and security requirements faced by traditional IoT identity authentication technologies, focusing on identity information management and privacy protection. Secondly, based on the variations in the functioning of blockchain within IoT authentication systems, this paper categorizes and summarizes blockchain-based IoT identity authentication solutions from two perspectives: the storage medium for identity information and the consensus algorithms for authentication data. Specifically, the solutions are classified into three categories: deployment on underlying devices, single-layer cluster heads, and multi-layer cluster heads serving as blockchain miners. Additionally, the solutions are further classified into four categories based on the blockchain consensus protocols, namely Proof of Work (PoW), Proof of Stake (PoS), Byzantine Fault Tolerance (BFT), and other algorithms. Furthermore, we conduct a comprehensive comparative analysis to evaluate the strengths and weaknesses of these solutions. Subsequently, we elaborate on the security and performance achieved by these distributed authentication solutions, summarizing five key advantages demonstrated by blockchain in IoT identity authentication systems. These advantages include the elimination of single points of failure, assurance of data integrity, resilience against malicious attacks, encryption of data privacy, and enhancement of authentication efficiency. Finally, we conduct a comprehensive discussion on the existing deficien-cies of blockchain-based IoT identity authentication technology, encompassing four critical aspects: authentication effi-ciency, scalability, consensus optimization, and privacy protection. Moreover, we propose four promising research directions: the control of blockchain storage costs, the design of efficient consensus mechanisms, the integration of artificial intelligence assistance, and the evaluation of solutions in real-world environments.

Key words: Internet of Things Identity Authentication Blockchain Distributed Storage Consensus Algorithm Privacy Protection